- Home /
- Resources /
- Learning center /
- Devices on Single...
Devices on Single VLAN with no Internet or Device Access
Networking Architecture (Scenario 5) - Building a private layer 2 network where devices are connected to each other without external Internet or device connections.
On this page
In this scenario:
- No devices are connected to the Internet
- There are no Internet connections
- Devices communicate with each on a single, shared Layer 2 VLAN
- Devices use private IPs allocated by you
- Devices are in a single metro
- The top-of-rack (ToR) router functions entirely as a switch, with no routing
You have a fully isolated VLAN. All of your devices are on this VLAN, and can communicate at Layer 2 with each other, but not with any other devices or the Internet.
Devices receive no private or public IP addresses from Equinix Metal; all addresses are assigned by you.
- Create a VLAN.
- Create as many devices as you desire, without a public or private IP address but connected to the VLAN, using the Equinix Metal console or API.
- For each device, retrieve the port ID for the network port, using the Equinix Metal console or API.
- For each device, assign that network port to the VLAN, using the Equinix Metal console or API.
- On each device, assign an IP address of your choosing.
You do not assign the IP using the Equinix Metal console or API. It is entirely up to you to manage the IP addresses and decide which devices get which IPs.
For more information on layer-2-only modes, see the official Equinix Metal documentation for Layer 2 Only Bonded Mode and Layer 2 Only Unbonded Mode.
Multiple Metros
Although you can deploy one or more VLANs, each to a separate metro and each with its own IP range, there is no native way for the devices in each VLAN to communicate with each other. For that matter, there is no way for the devices in two VLANs in the same metro to communicate with each other. Each VLAN is fully isolated.
If you wish to create communications links between VLANs, whether in the same metro or in different metros, you have several options:
- Connect your VLAN to the Equinix Metal network, either entirely private or publicly connected to the Internet, using the Metal Gateway architecture
- Connect your VLAN to the Equinix Metal network, either entirely private or publicly connected to the Internet, using the NAT Gateway architecture.
- Connect one or more devices to multiple VLANs, with each interface on a different VLAN, using the VLAN-to-VLAN architecture
You may also like
Digger deeper into similar topics in our archives
Configuring BGP with BIRD 1.6 on an Equinix Metal Server
Set up BGP on your Equinix Metal server using BIRD 1.6, covering IP configuration, installation, and neighbor setup to ensure robust routing capabilities between your server and the Equinix Metal network.
Configuring BGP with FRR on an Equinix Metal Server
Establish a robust BGP configuration on your Equinix Metal server using FRR, including setting up network interfaces, installing and configuring FRR software, and ensuring secure and efficient IP address announcement.
Crosscloud VPN with Wireguard
Learn to establish secure VPN connections across cloud environments using WireGuard, including detailed setups for site-to-site tunnels and VPN gateways with NAT on Equinix Metal, enhancing cross-platform security and connectivity.
Deploy Your First Server
Learn the essentials of deploying your first server with Equinix Metal. Set up your project & SSH keys, provision a server and connect it to the internet.
Ready to kick the tires?
Use code DEPLOYNOW for $250 credit